Cyber Security News

Police Seized Website Selling Malware Used to Hack Computers

Federal investigators in Los Angeles confiscated an internet site used to sell computer malware used by hackers to grab control of affected systems and steal a variety of information.

The U.S. Department of Justice reports that the website www.worldwiredlabs[.]com, which offered the sophisticated program known as the NetWire remote access trojan (RAT), which is capable of aiming for and infecting every major computer operating system, was taken down as a result of a seizure warrant.

“A RAT is a type of malware that allows for covert surveillance, allowing a ‘backdoor’ for administrative control and unfettered and unauthorized remote access to a victim’s computer, without the victim’s knowledge or permission”, based on court records submitted in Los Angeles.

Swiss Law Enforcement Seized Control of the Computer Server

Croatian officials arrested a citizen who was supposedly the website’s administrator. The Croatian government will bring charges against this offender.

Also, the server hosting the NetWire RAT infrastructure was also taken by Swiss law enforcement.

Reports stated that in 2020, the only known online distributor of NetWire, worldwidelabs, was the subject of an investigation by the FBI in Los Angeles. 

Undercover investigators with the FBI created an account on the website, paid for a subscription plan, and “constructed a customized instance of the NetWire RAT using the product’s Builder Tool,” according to the affidavit in support of the seizure warrant.

Additionally, the software was promoted on hacking forums, and numerous cybersecurity firms and governmental organizations have documented instances of the NetWireRAT being used in criminal activity. 

However, the website promoted NetWire as a legitimate business tool for maintaining computer infrastructure, and the affidavit claims that NetWire is malware used for malicious purposes.

The Widespread Use of NetWire by Criminals

“Today’s action is a testament to the innovation and flexibility necessary to fighting cybercriminals who operate without borders,” said United States Attorney Martin Estrada.

“Criminals used NetWire on a global scale, and we have responded by dismantling the infrastructure that has caused untold harm to victims around the world.”

Donald Alway, the Assistant Director in Charge of the FBI’s Los Angeles Field Office, claimed that by removing the Netwire RAT, the FBI had a negative impact on the criminal cyber environment.

“The global partnership that led to the arrest in Croatia also removed a popular tool used to hijack computers in order to perpetuate global fraud, data breaches, and network intrusions by threat groups and cyber criminals.”

Network Security Checklist – Download Free E-Book

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

AT&T Reveals Massive Breach Affecting Nearly All Customers’ Call & Text Records

AT&T, one of the largest telecommunications companies in the United States, has disclosed a significant…

1 hour ago

FishXProxy Fuels Phishing Attacks with Clever Deceptive Attacks

Imagine receiving an email that looks legitimate, down to the last detail. This is the…

4 hours ago

Beware of Phishing Attack that Abuses SharePoint Servers

A massive phishing campaign exploits Microsoft SharePoint servers to host malicious PDFs containing phishing links.…

6 hours ago

Apple Warns of Users in 98 Countries of Targeted Spyware Attacks

Apple has alerted iPhone users in 98 countries about potential mercenary spyware attacks. This marks…

7 hours ago

Citrix NetScaler ADC & Gateway Impacted by regreSSHion RCE Vulnerability

Qualys discovered a critical remote unauthenticated code execution (RCE) vulnerability, CVE-2024-6387, in OpenSSH’s server (sshd).…

8 hours ago

4000+ Domains Used By FIN7 Actors Mimic Popular Brands

Russian-linked FIN7 (aka Sangria Tempest, ATK32, Carbon Spider, Coreid, ELBRUS, G0008, G0046, and GOLD NIAGARA)…

8 hours ago